Help Center/ GaussDB(DWS)/ More Documents/ User Guide/ Audit Logs/ Configuring the Database Audit Logs
Updated on 2022-06-10 GMT+08:00

Configuring the Database Audit Logs

Prerequisites

Database audit logs are configured on the Security Settings page. You can change security settings only when the cluster status is Available and Unbalanced, and Task Information cannot be Creating snapshot, Scaling out, Configuring, or Restarting.

Procedure

  1. Log in to the GaussDB(DWS) management console.
  2. Click Clusters.
  3. In the cluster list, click the name of a cluster. On the page that is displayed, click Security Settings.

    By default, Configuration Status is Synchronized, which indicates that the latest database results are displayed.

  4. In the Audit Settings area, configure the audit log retention policy.

    Table 1 describes the detailed information.

    Table 1 Audit log retention policy

    Parameter

    Description

    Audit Log Retention Policy

    Specifies the audit log retention policy. Possible values are:

    • Space priority: Audit logs will be automatically deleted if the size of audit logs on a single node exceeds 1 GB.
    • Time priority: Audit logs will be retained within the minimum retention period. After this period expires, audit logs will be automatically deleted if the size of audit logs on a single node exceeds 1 GB.

    Space priority is preferred.

    Minimum Retention Period (day)

    This parameter is valid when Audit Log Retention Policy is set to Time priority.

    The value ranges from 0 to 730 days. The default value is 90 days.

  5. Enable the audit function for the following operations if necessary.

    Table 2 describes the detailed information about the audit items.

    Table 2 Audit items

    Parameter

    Description

    Audit Unauthorized Access

    Specifies whether to record unauthorized operations. This parameter is disabled by default.

    Audit DML Execution

    Specifies whether to record INSERT, UPDATE, and DELETE operations on tables. This parameter is disabled by default.

    Audit SELECT Execution

    Specifies whether to record the SELECT operation. This parameter is disabled by default.

    Audit Stored Procedure Execution

    Specifies whether to record operations when executing the stored procedure or user-defined functions. This parameter is disabled by default.

    Audit COPY Execution

    Specifies whether to record the COPY operation. This parameter is disabled by default.

    Audit DDL Execution

    Specifies whether to record the CREATE, DROP, and ALTER operations of specified database objects. DATABASE, SCHEMA, and USER are selected by default.

    Except the audit items listed in Table 2, key audit items in Table 3 are enabled by default on GaussDB(DWS).

    Table 3 Key audit items

    Parameter

    Description

    Key audit items

    Records successful and failed logins and logout.

    Records database startup, stop, recovery, and switchover.

    Records user locking and unlocking.

    Records the grants and reclaims of user permissions.

    Records the audit function of the SET operation.

  6. Enable or disable audit log dumps.

    For more information, see Enabling Audit Log Dumps.

  7. Click Apply.

    Click . The configuration status Applying indicates that the configurations are being saved.

    When the status changes to Synchronized, the configurations are saved and take effect.